Security Consultant (Microsoft Security Solutions)

Capgemini is a global leader partnering with companies to transform and manage their business by harnessing the power of technology. The Group has over 360,000 team members globally in more than 50 countries, with a 55-year heritage and deep industry expertise. Capgemini addresses the entire breadth of business needs, from strategy and design to operations, fueled by cloud, data, AI, connectivity, software, digital engineering, and platforms.

• Must have Microsoft Purview expertise.
• Practical experience with DLP on Endpoint, M365, and Cloud Apps.
• Experience building and tuning DLP policies.
• Incident analysis skills related to data exfiltration and sharing.
• Understanding of data governance concepts.
• Basic PowerShell automation skills.
• Experience with Insider Risk Management including policy configuration and incident triage.
• Knowledge of Information Protection including sensitivity labels and auto-labelling.
• Experience with labelling across Microsoft 365 services.

Nice to have:

• DLP integrations outside M365 and custom rule sets.
• Advanced PowerShell automation.
• Experience in global environments with high alert volumes.
• IRM escalation flows with HR, Legal, Compliance.
• Large-scale rollouts.
• Building enterprise labelling taxonomies and advanced auto-labelling scenarios.
• Microsoft SC/AZ certifications or CISSP/CISM.

• Deliver cybersecurity advisory projects across risk, compliance, and data protection.
• Translate technical insights into business recommendations for senior stakeholders.
• Work with Microsoft security tools including Defender, Sentinel, Entra, Purview, and Intune.

Data Loss Prevention (DLP):

• Practical experience with Endpoint, M365, and Cloud Apps DLP.
• Building and tuning policies (conditions, exceptions, SITs, EDM).
• Incident analysis including data exfiltration, USB, printing, uploads, sharing.
• Understanding of data governance including classification, lifecycle, retention.
• Basic PowerShell automation for bulk operations and export/import.

Insider Risk Management (IRM):

• Experience with Data Theft, Data Leakage, Violations policies.
• Understanding of activity indicators and signal sources.
• Policy and scoring configuration; behavioral incident triage and tuning.

Information Protection (IP):

• Sensitivity Labels, Label Policies, Auto-labelling (Purview IP).
• Labelling configuration across M365 Apps, SharePoint, OneDrive, Exchange, Teams.
• Knowledge of AIP/MIP and data classification.
• Telemetry analysis for adoption issues and misclassification.
• Basic PowerShell for labels and bulk management.